Powered by Redocly

Transform Roles

The Transform Role specifies the type of transformation to use, and which parameters.

Create a new transform role

SecurityaccessToken
Request
query Parameters
validate
string <enumeration>

Validate the request but do not actually perform the requested operation

Value: "true"
Request Body schema:
One of:
template
string <creditcardnumber>
  • creditcardnumber: On credit card format, ie XXXX-YYYY-ZZZZ-WWWW
name
string <name>
key-length
integer <uint32>
Default: 16

Length of key, in bytes.

type
string <enumeration>
  • fpe
  • masking

The type of transformation to use fpe - format preserving encryption, reversible masking - mask sensitive data, non reversible

tweak-source
string <enumeration>
  • generated: A 16-byte random tweak is generated, it needs to be stored and supplied when decrypting.
  • supplied: A tweak is supplied in each invocation.
  • calculated: Surrounding text is used to generate a tweak.
  • internal: A random sequence specific to this role.

The tweak is used to enlarge the data that is encrypted, it can be sourced from one of the above.

masking-character
string
Default: "*"

Blank out character to use when masking data.

to (object) or sites (object) or deployments (object)
Responses
201

Created

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

409

Conflict (instance exists)

503

Service Unavailable (strongbox sealed)

post/v1/config/strongbox/transform/roles
Request samples 
name: creditcard
key-length: 16
type: masking
tweak-source: calculated
masking-character: "*"
template: creditcardnumber
distribute:
  to: inherit

Retrieve the configuration of all transform roles

SecurityaccessToken
Request
query Parameters
fields
string

Retrieve only requested fields from the resource

See section fields

validate
string <enumeration>

Validate the request but do not actually perform the requested operation

Value: "true"
keys
string <enumeration>

Retrieve only the keys for the list

Value: "true"
count
string <enumeration>

Retrieve only the number of elements in the list

Value: "true"
Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

412

Precondition Failed

503

Service Unavailable (strongbox sealed)

get/v1/config/strongbox/transform/roles
Response samples 
- name: creditcard
  key-length: 16
  type: masking
  tweak-source: calculated
  masking-character: "*"
  template: creditcardnumber
  distribute:
    to: inherit

Update a transform role

SecurityaccessToken
Request
path Parameters
transform-role-name
required
string <name>

name of transform-role

query Parameters
validate
string <enumeration>

Validate the request but do not actually perform the requested operation

Value: "true"
Request Body schema:
One of:
template
string <creditcardnumber>
  • creditcardnumber: On credit card format, ie XXXX-YYYY-ZZZZ-WWWW
name
string <name>
key-length
integer <uint32>
Default: 16

Length of key, in bytes.

type
string <enumeration>
  • fpe
  • masking

The type of transformation to use fpe - format preserving encryption, reversible masking - mask sensitive data, non reversible

tweak-source
string <enumeration>
  • generated: A 16-byte random tweak is generated, it needs to be stored and supplied when decrypting.
  • supplied: A tweak is supplied in each invocation.
  • calculated: Surrounding text is used to generate a tweak.
  • internal: A random sequence specific to this role.

The tweak is used to enlarge the data that is encrypted, it can be sourced from one of the above.

masking-character
string
Default: "*"

Blank out character to use when masking data.

to (object) or sites (object) or deployments (object)
Responses
204

No Content

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

412

Precondition Failed

503

Service Unavailable (strongbox sealed)

patch/v1/config/strongbox/transform/roles/{transform-role-name}
Request samples 
name: creditcard
key-length: 16
type: masking
tweak-source: calculated
masking-character: "*"
template: creditcardnumber
distribute:
  to: inherit

Delete a transform role

SecurityaccessToken
Request
path Parameters
transform-role-name
required
string <name>

name of transform-role

query Parameters
validate
string <enumeration>

Validate the request but do not actually perform the requested operation

Value: "true"
Responses
204

No Content

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

412

Precondition Failed

503

Service Unavailable (strongbox sealed)

delete/v1/config/strongbox/transform/roles/{transform-role-name}

Replace or create a new transform role

SecurityaccessToken
Request
path Parameters
transform-role-name
required
string <name>

name of transform-role

query Parameters
validate
string <enumeration>

Validate the request but do not actually perform the requested operation

Value: "true"
Request Body schema:
One of:
template
string <creditcardnumber>
  • creditcardnumber: On credit card format, ie XXXX-YYYY-ZZZZ-WWWW
name
string <name>
key-length
integer <uint32>
Default: 16

Length of key, in bytes.

type
string <enumeration>
  • fpe
  • masking

The type of transformation to use fpe - format preserving encryption, reversible masking - mask sensitive data, non reversible

tweak-source
string <enumeration>
  • generated: A 16-byte random tweak is generated, it needs to be stored and supplied when decrypting.
  • supplied: A tweak is supplied in each invocation.
  • calculated: Surrounding text is used to generate a tweak.
  • internal: A random sequence specific to this role.

The tweak is used to enlarge the data that is encrypted, it can be sourced from one of the above.

masking-character
string
Default: "*"

Blank out character to use when masking data.

to (object) or sites (object) or deployments (object)
Responses
201

Created

204

No Content

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

412

Precondition Failed

503

Service Unavailable (strongbox sealed)

put/v1/config/strongbox/transform/roles/{transform-role-name}
Request samples 
name: creditcard
key-length: 16
type: masking
tweak-source: calculated
masking-character: "*"
template: creditcardnumber
distribute:
  to: inherit

Retrieve the configuration of a transform role

SecurityaccessToken
Request
path Parameters
transform-role-name
required
string <name>

name of transform-role

query Parameters
fields
string

Retrieve only requested fields from the resource

See section fields

validate
string <enumeration>

Validate the request but do not actually perform the requested operation

Value: "true"
Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

412

Precondition Failed

503

Service Unavailable (strongbox sealed)

get/v1/config/strongbox/transform/roles/{transform-role-name}
Response samples 
name: creditcard
key-length: 16
type: masking
tweak-source: calculated
masking-character: "*"
template: creditcardnumber
distribute:
  to: inherit

Retrieve the state of all transform roles

SecurityaccessToken
Request
query Parameters
fields
string

Retrieve only requested fields from the resource

See section fields

site
string

Send the request to the specfifed site

content
string <enumeration>

Filter descendant nodes in the response

Enum: "config" "nonconfig"
keys
string <enumeration>

Retrieve only the keys for the list

Value: "true"
count
string <enumeration>

Retrieve only the number of elements in the list

Value: "true"
Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

503

Service Unavailable (strongbox sealed)

get/v1/state/strongbox/transform/roles
Response samples 
- name: creditcard
  key-length: 16
  type: masking
  tweak-source: calculated
  masking-character: "*"
  template: creditcardnumber
  distribute:
    to: inherit
  distribution-status:
    to: none

Retrieve the state of a transform role

SecurityaccessToken
Request
path Parameters
transform-role-name
required
string <name>

name of transform-role

query Parameters
fields
string

Retrieve only requested fields from the resource

See section fields

site
string

Send the request to the specfifed site

content
string <enumeration>

Filter descendant nodes in the response

Enum: "config" "nonconfig"
Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

503

Service Unavailable (strongbox sealed)

get/v1/state/strongbox/transform/roles/{transform-role-name}
Response samples 
name: creditcard
key-length: 16
type: masking
tweak-source: calculated
masking-character: "*"
template: creditcardnumber
distribute:
  to: inherit
distribution-status:
  to: none
➔ Next to Transit Keys